mbedtls: Move local mbedtls to v3.6.0

The in-tree mbedtls (used for the simulator and some targets) is a few years
old, and currently is unable to pass the rsa tests when built with clang.
Update this mbed TLS to the v3.6.0 release.  This fixes clang support in the
simulator.

There are a few minor changes to configuration and what files are needed to
support newer version of Mbed TLS.

Fixes #1986

Signed-off-by: David Brown <[email protected]>

Author: d3zd3z

ext/mbedtls

@@ -108,6 +108,7 @@ fn main() {
             conf.file("../../ext/mbedtls/library/chachapoly.c");
             conf.file("../../ext/mbedtls/library/cipher.c");
             conf.file("../../ext/mbedtls/library/cipher_wrap.c");
+            conf.file("../../ext/mbedtls/library/constant_time.c");
             conf.file("../../ext/mbedtls/library/ctr_drbg.c");
             conf.file("../../ext/mbedtls/library/des.c");
             conf.file("../../ext/mbedtls/library/ecdsa.c");
@@ -130,14 +131,14 @@ fn main() {
             conf.file("../../ext/mbedtls/library/psa_crypto.c");
             conf.file("../../ext/mbedtls/library/psa_crypto_cipher.c");
             conf.file("../../ext/mbedtls/library/psa_crypto_client.c");
-            conf.file("../../ext/mbedtls/library/psa_crypto_driver_wrappers.c");
             conf.file("../../ext/mbedtls/library/psa_crypto_ecp.c");
             conf.file("../../ext/mbedtls/library/psa_crypto_hash.c");
             conf.file("../../ext/mbedtls/library/psa_crypto_mac.c");
             conf.file("../../ext/mbedtls/library/psa_crypto_rsa.c");
             conf.file("../../ext/mbedtls/library/psa_crypto_slot_management.c");
             conf.file("../../ext/mbedtls/library/psa_crypto_storage.c");
             conf.file("../../ext/mbedtls/library/psa_its_file.c");
+            conf.file("../../ext/mbedtls/library/psa_util.c");
             conf.file("../../ext/mbedtls/library/ripemd160.c");
             conf.file("../../ext/mbedtls/library/rsa_alt_helpers.c");
             conf.file("../../ext/mbedtls/library/sha1.c");
@@ -169,6 +170,9 @@ fn main() {
 
         conf.file("../../ext/mbedtls/library/rsa.c");
         conf.file("../../ext/mbedtls/library/bignum.c");
+        conf.file("../../ext/mbedtls/library/bignum_core.c");
+        conf.file("../../ext/mbedtls/library/constant_time.c");
+        conf.file("../../ext/mbedtls/library/nist_kw.c");
         conf.file("../../ext/mbedtls/library/platform.c");
         conf.file("../../ext/mbedtls/library/platform_util.c");
         conf.file("../../ext/mbedtls/library/asn1parse.c");
@@ -202,6 +206,9 @@ fn main() {
 
         conf.file("../../ext/mbedtls/library/asn1parse.c");
         conf.file("../../ext/mbedtls/library/bignum.c");
+        conf.file("../../ext/mbedtls/library/bignum_core.c");
+        conf.file("../../ext/mbedtls/library/constant_time.c");
+        conf.file("../../ext/mbedtls/library/nist_kw.c");
         conf.file("../../ext/mbedtls/library/ecdsa.c");
         conf.file("../../ext/mbedtls/library/ecp.c");
         conf.file("../../ext/mbedtls/library/ecp_curves.c");
@@ -221,6 +228,9 @@ fn main() {
         conf.file("csupport/keys.c");
         conf.file("../../ext/mbedtls/library/asn1parse.c");
         conf.file("../../ext/mbedtls/library/bignum.c");
+        conf.file("../../ext/mbedtls/library/bignum_core.c");
+        conf.file("../../ext/mbedtls/library/constant_time.c");
+        conf.file("../../ext/mbedtls/library/nist_kw.c");
         conf.file("../../ext/mbedtls/library/ecp.c");
         conf.file("../../ext/mbedtls/library/ecp_curves.c");
         conf.file("../../ext/mbedtls/library/platform.c");
@@ -282,6 +292,9 @@ fn main() {
         conf.file("../../ext/mbedtls/library/md.c");
         conf.file("../../ext/mbedtls/library/aes.c");
         conf.file("../../ext/mbedtls/library/bignum.c");
+        conf.file("../../ext/mbedtls/library/bignum_core.c");
+        conf.file("../../ext/mbedtls/library/constant_time.c");
+        conf.file("../../ext/mbedtls/library/nist_kw.c");
         conf.file("../../ext/mbedtls/library/asn1parse.c");
     }
 
@@ -305,6 +318,7 @@ fn main() {
         conf.conf.include("../../ext/mbedtls/library");
         conf.file("../../ext/mbedtls/library/platform_util.c");
         conf.file("../../ext/mbedtls/library/nist_kw.c");
+        conf.file("../../ext/mbedtls/library/constant_time.c");
         conf.file("../../ext/mbedtls/library/cipher.c");
         conf.file("../../ext/mbedtls/library/cipher_wrap.c");
         conf.file("../../ext/mbedtls/library/aes.c");
@@ -369,6 +383,9 @@ fn main() {
         conf.file("../../ext/mbedtls/library/sha256.c");
         conf.file("../../ext/mbedtls/library/asn1parse.c");
         conf.file("../../ext/mbedtls/library/bignum.c");
+        conf.file("../../ext/mbedtls/library/bignum_core.c");
+        conf.file("../../ext/mbedtls/library/constant_time.c");
+        conf.file("../../ext/mbedtls/library/nist_kw.c");
         conf.file("../../ext/mbedtls/library/ecdh.c");
         conf.file("../../ext/mbedtls/library/md.c");
         conf.file("../../ext/mbedtls/library/aes.c");

sim/mcuboot-sys/build.rs

@@ -22,6 +22,7 @@
 #define MBEDTLS_BIGNUM_C
 #define MBEDTLS_MD_C
 #define MBEDTLS_OID_C
+#define MBEDTLS_CIPHER_C
 #if defined(MCUBOOT_SIGN_EC384)
 #define MBEDTLS_SHA384_C
 #define MBEDTLS_SHA512_C

sim/mcuboot-sys/csupport/config-ec-psa.h

@@ -63,6 +63,7 @@
 
 /* mbed TLS modules */
 #define MBEDTLS_ASN1_PARSE_C
+#define MBEDTLS_ASN1_WRITE_C
 #define MBEDTLS_BIGNUM_C
 #define MBEDTLS_MD_C
 #define MBEDTLS_OID_C
@@ -72,10 +73,6 @@
 #define MBEDTLS_CIPHER_C
 #define MBEDTLS_NIST_KW_C
 
-/* Save RAM by adjusting to our exact needs */
-#define MBEDTLS_ECP_MAX_BITS             2048
-#define MBEDTLS_MPI_MAX_SIZE              256
-
 #define MBEDTLS_SSL_MAX_CONTENT_LEN 1024
 
 /* Save ROM and a few bytes of RAM by specifying our own ciphersuite list */